
CentOS shell企业案例实战

source link: https://blog.51cto.com/baicia/5523081

shell企业案例实战

企业中常用的监控命令

监控目录 命令
本地端口监控 netstat -lntup / ss -lntup / lsof
远端端口监控 telnet / nc / nmap
进程监控 ps -ef / ps aux
web监控 curl / wget
数据库 mysql -uroot -p123 -e 'select ping()'(写在命令行里的密码会出现在进程列表和 shell 历史中)
内存 free -m
磁盘 df -h
文件内容 md5sum(MD5 已可被构造碰撞,只适合发现意外变更;防篡改校验建议改用 sha256sum)

本地端口监测

## 错误方式
[root@web01 ~]# netstat -lntup| grep '22'
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      874/sshd            
tcp6       0      0 :::22                   :::*                    LISTEN      874/sshd

## 正确方式
[root@web01 ~]# netstat -lntup| grep [s]sh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      874/sshd            
tcp6       0      0 :::22                   :::*                    LISTEN      874/sshd

[root@web01 ~]# netstat -lntup | grep -w '22' &>/dev/null 
[root@web01 ~]# echo $?
0
[root@web01 ~]# netstat -lntup | grep -w '555' &>/dev/null 
[root@web01 ~]# echo $?
1

[root@web01 ~]# netstat -lntup | grep -w '555' | wc -l
0
[root@web01 ~]# netstat -lntup | grep -w '22' | wc -l
2

## ss
[root@web01 ~]# ss -lntup | grep 22
tcp    LISTEN     0      128       *:22                    *:*                   users:(("sshd",pid=874,fd=3))
tcp    LISTEN     0      128    [::]:22                 [::]:*                   users:(("sshd",pid=874,fd=4))
[root@web01 ~]# ss -lntup | grep -w 22
tcp    LISTEN     0      128       *:22                    *:*                   users:(("sshd",pid=874,fd=3))
tcp    LISTEN     0      128    [::]:22                 [::]:*                   users:(("sshd",pid=874,fd=4))

使用脚本判断远程端口是否存活

## telnet
[root@web01 ~]# vim c.sh 
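#!/bin/bash
# Report whether a TCP port on a remote host accepts connections.
# Usage: c.sh [ip] [port]
#   ip    host to probe (default 172.16.1.8, the address that was hard-coded)
#   port  TCP port to probe (default 22, the port that was hard-coded)

# The original stored $1 in ip but never used it and always probed the
# hard-coded address; the argument is now honoured, with the old values as
# defaults so that running the script without arguments behaves as before.
ip=${1:-172.16.1.8}
port=${2:-22}

# telnet prints a "Connected to ..." line once the TCP handshake succeeds;
# the empty stdin makes it exit straight afterwards instead of waiting.
port_count=$(echo '' | telnet "$ip" "$port" 2>/dev/null | grep -c 'Connected')

if [ "$port_count" -eq 0 ]; then
  echo '窗口不存活'
else
  echo '窗口存活'
fi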

[root@web01 ~]# sh c.sh 
窗口存活

## 使用telnet端口扫描
[root@web01 ~]# vim c.sh
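#!/bin/bash
# Probe TCP ports 1-100 on the host given as $1 and print an OK line for
# every port that accepts a connection.
# Usage: c.sh <ip>

# Provides action(), used below to print the "[  OK  ]" status line.
. /etc/init.d/functions

ip=$1
# Without an address every telnet call would fail and the script would end
# silently, which is indistinguishable from "no open ports".
if [ -z "$ip" ]; then
        echo "usage: $0 <ip>" >&2
        exit 2
fi

for port in $(seq 100); do
        {
        port_count=$(echo '' | telnet "$ip" "$port" 2>/dev/null | grep -c 'Connected')

        if [ "$port_count" -ne 0 ]; then
                action "$port 端口" /bin/true
        fi
        } &
done

# Each probe runs in the background; without this the script returns before
# the probes finish and their output lands after the next shell prompt.
wait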
[root@web01 ~]# sh c.sh 172.16.1.8
[root@web01 ~]# 22 端口                                    [  OK  ]

## nc 网络中的瑞士军刀
[root@web01 ~]# echo '' | nc 172.16.1.8 80
[root@web01 ~]# echo $?
0

[root@web01 ~]# echo '' | nc 172.16.1.8 225
Ncat: Connection refused.
[root@web01 ~]# echo $?
1

# nc选项
-l:开启一个指定的端口
-k:保持端口持续连接
-u:指定nc使用UDP协议(默认tcp)
-s:指定发送数据的源IP地址,适用于多网卡机器
-w:设置超时时间
-z:扫描时不发送任何数据

## nmap
# 扫描单个IP
[root@web01 ~]# nmap 172.16.1.8
Starting Nmap 6.40 ( http://nmap.org ) at 2022-07-22 20:01 CST
Nmap scan report for 172.16.1.8
Host is up (0.00048s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
111/tcp open  rpcbind
MAC Address: 00:0C:29:08:E6:A5 (VMware)

# 扫描单个IP的单个端口
[root@web01 ~]# nmap -p 80 172.16.1.8 
Starting Nmap 6.40 ( http://nmap.org ) at 2022-07-22 20:02 CST
Nmap scan report for 172.16.1.8
Host is up (0.0020s latency).
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 00:0C:29:08:E6:A5 (VMware)

# 扫描单个IP范围的端口
[root@web01 ~]# nmap -p 1-80 172.16.1.8 
Starting Nmap 6.40 ( http://nmap.org ) at 2022-07-22 20:03 CST
Nmap scan report for 172.16.1.8
Host is up (0.00037s latency).
Not shown: 78 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
MAC Address: 00:0C:29:08:E6:A5 (VMware)

# 扫描多个IP范围的端口
[root@web01 ~]# nmap -p 1-80 172.16.1.8 172.16.1.61
Starting Nmap 6.40 ( http://nmap.org ) at 2022-07-22 20:04 CST
Nmap scan report for 172.16.1.8
Host is up (0.00091s latency).
Not shown: 78 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
MAC Address: 00:0C:29:08:E6:A5 (VMware)

Nmap scan report for 172.16.1.61
Host is up (0.0011s latency).
Not shown: 78 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
MAC Address: 00:0C:29:16:2E:16 (VMware)
[root@web02 ~]# ps -ef | grep [n]ginx
root       5950      1  0 19:43 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx      5951   5950  0 19:43 ?        00:00:00 nginx: worker process
nginx      5952   5950  0 19:43 ?        00:00:00 nginx: worker process

[root@web02 ~]# ps -ef | grep [n]ginx | wc -l
3

[root@web02 ~]# systemctl stop nginx
[root@web02 ~]# ps -ef | grep [n]ginx | wc -l
0

## 远程进程检测
[root@web01 ~]# vim jc.sh
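# Check over ssh whether any nginx process is running on 172.16.1.8.
#
# Two failure modes of the original are closed here:
#  - when ssh itself failed, proc_count was empty, the numeric test errored
#    out and the else branch reported nginx as alive;
#  - the unquoted [n]ginx was a glob for the remote shell, so a file named
#    "nginx" in the remote working directory turned the pattern into plain
#    "nginx" and grep then counted its own process.
if ! proc_count=$(ssh 172.16.1.8 'ps -ef | grep "[n]ginx" | wc -l'); then
        echo 'ssh 172.16.1.8 失败,无法判断nginx状态' >&2
        exit 2
fi

if [ "$proc_count" -eq 0 ]; then
        echo 'nginx不存活'
else
        echo 'nginx存活'
fi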
[root@web01 ~]# sh jc.sh
nginx不存活
## curl选项
-I:获取主机响应头部信息
-s:静默输出
-o:保存下载页面内容
-w:获取状态码
-u:身份认证	-u 用户名:密码
-H:添加请求头部信息
-v:显示详细信息
-L:跟随跳转
-X:指定请求的方式
-A:修改用户的客户端

[root@web02 ~]# curl -s -w "%{http_code}" -o /dev/null blog.wsh.com
200

[root@m01 ~]# curl -uzls:zls -s -w "%{http_code}" -o /dev/null blog.zls.com

[root@web02 ~]# curl -v http://blog.wsh.com -L

## wget选项
-O:保存下载页面内容
-r:递归下载
--debug:显示访问的详细过程,类似 curl -v
-q:静默输出,类似 curl -s
--spider:只看不下载
[root@web01 ~]# vim 2.txt 
[root@web01 ~]# md5sum 2.txt 
1e2284211f7b4b5231d396759302c364  2.txt
[root@web01 ~]# md5sum 2.txt > /tmp/check_2.txt
[root@web01 ~]# md5sum -c /tmp/check_2.txt 
2.txt: OK

[root@web01 ~]# echo 555 > 2.txt 
[root@web01 ~]# md5sum -c /tmp/check_2.txt 
2.txt: FAILED
md5sum: WARNING: 1 computed checksum did NOT match

监控系统内存,如果不足30%就发送邮件告警通知运维人员

[root@web01 ~]# yum -y install mailx
[root@web01 ~]# vim /etc/mail.rc
# SMTP relay settings for mailx. The two address values are redacted on this
# page and must be replaced with the real sender account.
set [email protected]
set smtp=smtps://smtp.qq.com:465
set [email protected]
# The value below is a placeholder for the mailbox authorization code.
# NOTE(review): the credential is stored in clear text in this file, so check
# that the file is not readable by unprivileged users.
set smtp-auth-password=授权码
set smtp-auth=login
# NOTE(review): ssl-verify=ignore turns off certificate validation, so the
# smtps session is encrypted but the server is not authenticated and the
# credential above can be captured by an on-path host. Prefer a verifying
# setting once the CA certificates are present in nss-config-dir.
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/

[root@web01 ~]# vim free.sh
#!/bin/bash
# Mail an alert when used memory exceeds 70% of (used + free), computed from
# columns 3 and 4 of the second row of `free -m`.
# The recipient address is redacted on this page.

used_pct=$(free -m | awk  'NR==2{print int($3/($3+$4)*100)}')

if [ $used_pct -gt 70 ]; then
  echo "内存不足30%" | mail  [email protected]
fi

检测nginx服务是否正常,业务是否正常

[root@web02 blog]# vim /etc/nginx/conf.d/wsh.conf 

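# Static site for blog.wsh.com, served from /blog.
# The listing carried one closing brace more than it opened, which makes the
# configuration unbalanced; the stray brace is dropped here.
server {
        listen 80;
        server_name blog.wsh.com;
        root /blog;
        index  index.html;
}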

[root@web02 blog]# vim index.html
www
fff
555
777

[root@web02 blog]# systemctl start nginx
[root@web02 blog]# netstat -lntup | grep [n]ginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      5118/nginx: master

[root@web02 ~]# vim web.sh 
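#!/bin/bash
# Three-stage nginx health check: listening socket, process, HTTP status.
# Usage: web.sh [domain]   (default: blog.wsh.com)

# The script is invoked with a domain argument, but the original ignored it
# and always requested the hard-coded name.
domain=${1:-blog.wsh.com}

# The patterns are quoted so the shell cannot glob-expand [n]ginx against a
# file named "nginx" in the working directory, which would make grep match
# its own process entry.
web1=$(netstat -lntup | grep -c '[n]ginx')
web2=$(ps -ef | grep -c '[n]ginx')
web3=$(curl -s -w "%{http_code}" -o /dev/null "$domain")

if [ "$web1" -eq 0 ]; then
  echo '端口不存在'
elif [ "$web2" -eq 0 ]; then
  echo "进程不存在"
# Anything that is not 2xx/3xx counts as down. Unlike the original
# ^[^2-3] test this also covers an empty status (curl missing or killed),
# which used to fall through to the healthy branch.
elif [[ ! $web3 =~ ^[23] ]]; then
  echo "服务已挂,状态码为:$web3"
else
  echo "业务正常"
fi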
[root@web02 ~]# sh web.sh blog.wsh.com
业务正常

[root@web02 ~]# rm -f /blog/index.html
[root@web02 ~]# sh web.sh blog.wsh.com
服务已挂,状态码为:403

1.监控系统内存,如果不足30%就发送邮件告警通知运维人员

[root@m01 ~]# yum install -y mailx
# mailx SMTP settings; the address values are redacted on this page.
set [email protected]
set smtp=smtps://smtp.qq.com:465
set [email protected]
# Replace the text after "=" with the mailbox authorization code.
# NOTE(review): this stores the credential in clear text; restrict who can
# read the file.
set smtp-auth-password=#客户端授权码
set smtp-auth=login
# NOTE(review): ssl-verify=ignore disables certificate validation, so the
# server is not authenticated even though the connection uses smtps.
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/

## 系统内存
# 可用内存
[root@m01 ~]# free -m|awk 'NR==2{print $NF}'
692

# 所有内存
[root@m01 ~]# free -m|awk 'NR==2{print $2}'
972


[root@m01 ~]# vim check_mem.sh
#!/bin/bash
# Mail a plain-text alert when the last column of the second row of `free -m`
# is less than 30% of the total in column 2.
# The recipient address is redacted on this page.

IP=$(ifconfig eth0 | awk 'NR==2{print $2}')
avail_pct=$(free -m | awk 'NR==2{print int($NF/$2*100)}')
mem_info=$(free -m | awk 'NR==2{print $NF}')

if [ $avail_pct -lt 30 ]; then
        # echo -e expands the \n sequences into the line breaks of the mail body.
        alert_body="IP地址:$IP\n主机名:$HOSTNAME\n内存可用率:低于30%\n当前可用内存:${mem_info}M"
        echo -e "$alert_body" | mail -s "${IP}内存检测结果" [email protected]
fi




<!-- Sample layout for the memory-alert mail: a title row, a header row and one data row. -->
<table border=1px color=red>
  <tbody>
    <tr bgcolor="lightgreen">
      <!-- NOTE(review): colspan=7 is wider than the four columns defined below; confirm it is intended. -->
      <td colspan=7 align=center>内存监控信息</td>
    </tr>
    <tr>
      <td align=center>IP地址</td>
      <td align=center>主机名</td>
      <td align=center>内存可用率</td>
      <td align=center>当前可用内存</td>
    </tr>
    <!-- NOTE(review): the values in this row do not correspond to the memory headers above and look like leftover placeholders. -->
    <tr>
      <td align=center>passwd</td>
      <td align=center>/etc/</td>
      <td align=center>31</td>
      <td align=center>删除用户</td>
    </tr>
  </tbody>
</table>

使用sendEmail

# 1. Download sendEmail.
# NOTE(review): the archive is fetched over plain HTTP and unpacked without a
# checksum or signature check, and it is later placed on root's PATH. Compare
# it against a digest obtained through a trusted channel before installing.
wget http://test.driverzeng.com/other/sendEmail-v1.56.tar.gz

# 2. Install the dependencies.
yum -y install perl-Net-SSLeay perl-IO-Socket-SSL

# 3. Unpack the archive.
tar -xf sendEmail-v1.56.tar.gz

# 4.创建安装目录
[root@m01 ~]# mkdir /app

# 5.移动软件到安装目录中
[root@m01 ~]# mv sendEmail-v1.56 /app/

# 6.添加环境变量
[root@m01 ~]# vim /etc/profile.d/sendEmail.sh
PATH="/app/sendEmail-v1.56:$PATH"

# 7.加载环境变量
[root@m01 ~]# source /etc/profile



## sendEmail选项
-f [email protected]# 发件人邮箱地址
-t [email protected]# 收件人邮箱地址
-s smtp.qq.com# 发件人邮箱的smtp服务器地址
-u 'zls test email'# 邮件标题
-m 'test mail content'# 邮件内容
-a /tmp/data.txt /tmp/1.jpg#发送附件
-xu 112233# 发件人邮箱登录用户名
-xp fdnzuslqhshgkslxj# 发件人邮箱登录密码(QQ邮箱的授权码)
-cc [email protected]# 抄送指定用户
-bcc [email protected]# 密送(暗抄送:其他收件人看不到该地址,并非对邮件加密)
 
-o message-content-type=html# 邮件内容格式为html
-o message-file=FILE# 指定某个文件内容作为邮件内容
-o message-charset=utf8# 邮件内容编码为utf8
-o tls=no# 关闭tls握手(关闭后登录凭据和邮件内容以明文传输)


## 发送html格式邮件
[root@m01 ~]# cat check_mem.sh
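#!/bin/bash
# Send an HTML memory alert through sendEmail when available memory (last
# column of row 2 of `free -m`) falls below 30% of the total (column 2).
#
# Environment:
#   SMTP_AUTH_CODE  optional; mailbox authorization code. When unset, the
#                   code embedded below is used, as in the original script.

IP=$(ifconfig eth0 | awk 'NR==2{print $2}')
mem_ava=$(free -m | awk 'NR==2{print int($NF/$2*100)}')
mem_info=$(free -m | awk 'NR==2{print $NF}')

# The original tested -gt 30, which mailed the "小于30%" alert whenever more
# than 30% was available and stayed silent when memory was actually low.
if [ "$mem_ava" -lt 30 ]; then
  # A private temporary file replaces the fixed name mem_info.txt in the
  # current directory, which another user could pre-create or symlink when
  # the script runs from a shared location.
  report=$(mktemp) || exit 1
  trap 'rm -f -- "$report"' EXIT

  cat > "$report" <<EOF
<table border=1px color=red>
  <tbody>
    <tr bgcolor="#fff000">
      <td colspan=7 align=center>内存监控信息</td>
    </tr>
    <tr>
      <td align=center>IP地址</td>
      <td align=center>主机名</td>
      <td align=center>内存可用率</td>
      <td align=center>当前可用内存</td>
    </tr>
    <tr>
      <td align=center>$IP</td>
      <td align=center>$HOSTNAME</td>
      <td align=center>小于30%</td>
      <td align=center>${mem_info}M</td>
    </tr>
  </tbody>
</table>
EOF

  # The sender and recipient addresses are redacted on this page; they are
  # quoted so the placeholder stays a single argument.
  # NOTE(review): the authorization code is embedded in the script and is
  # passed on the command line, where it is visible in the process list.
  # Set SMTP_AUTH_CODE, remove the embedded value and rotate it.
  # NOTE(review): tls=no sends the login and the message without transport
  # encryption; enable TLS if the installed sendEmail supports it.
  sendEmail -f '[email protected]' \
    -t '[email protected]' \
    -s smtp.qq.com \
    -u "${IP}主机内存检测结果" \
    -xu 253097001 \
    -xp "${SMTP_AUTH_CODE:-tcrvcdgkxxgybiab}" \
    -o message-content-type=html \
    -o message-file="$report" \
    -o message-charset=utf8 \
    -o tls=no
fi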

2.检查nginx服务是否正常,业务是否正常

[root@m01 ~]# cat check_web.sh 
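#!/bin/bash
# nginx health check for a list of sites: first against the local host, then
# against each backend in IP_list over ssh. For every domain one status line
# is printed through action().

# Provides action(), used to print the OK / FAILED status lines.
. /etc/init.d/functions

domain_name_list=(www.zls.com blog.zls.com php.zls.com)
IP_list=(10.0.0.61 10.0.0.7)

# Probe commands, kept as strings so the same text runs locally and over ssh.
# The grep pattern is quoted so [n]ginx cannot glob-expand against a file
# named "nginx". The port probe matches the local-address column only; the
# original `grep -w '80'` also matched a PID or any other field equal to 80.
readonly proc_cmd="ps -ef | grep '[n]ginx' | wc -l"
readonly port_80_cmd="netstat -lntup | awk '\$4 ~ /:80\$/' | wc -l"

#######################################
# Normalise a probe result to a non-negative integer.
# Arguments: $1 - raw probe output
# Outputs:   $1 when it is all digits, otherwise 0, so that a failed probe
#            (for example an ssh error) counts as "nothing found" instead
#            of breaking the numeric tests and reporting the site healthy.
#######################################
as_count() {
  if [[ $1 =~ ^[0-9]+$ ]]; then
    printf '%s\n' "$1"
  else
    printf '0\n'
  fi
}

#######################################
# Print one status line per domain.
# Globals:   domain_name_list (read)
# Arguments: $1 - prefix for the process/port messages ("" or "<ip> ")
#            $2 - number of nginx processes found
#            $3 - number of listeners found on port 80
#######################################
report_sites() {
  local prefix=$1 proc_count=$2 port_80_count=$3
  local domain_name http_code

  for domain_name in "${domain_name_list[@]}"; do
    http_code=$(curl -s -w "%{http_code}" -o /dev/null "$domain_name")
    if [[ $http_code == 401 ]]; then
      action "${domain_name}网站正常,但是身份验证不通过" /bin/false
    # Every status outside 2xx/3xx is a failure. The original tested only
    # ^[4-5], so 000 (connection failed) was reported as a healthy site.
    elif [[ ! $http_code =~ ^[23] ]]; then
      action "${domain_name}网站无法访问" /bin/false
    elif ((proc_count <= 0)); then
      action "${prefix}nginx进程" /bin/false
    elif ((port_80_count <= 0)); then
      action "${prefix}nginx的80端口检测" /bin/false
    else
      # The port-443 check was disabled in the original and is not performed.
      action "${domain_name}网站" /bin/true
    fi
  done
}

# Local host
proc_count=$(as_count "$(sh -c "$proc_cmd")")
port_80_count=$(as_count "$(sh -c "$port_80_cmd")")
report_sites "" "$proc_count" "$port_80_count"

# Remote hosts
# NOTE(review): the HTTP request is still made from this machine to whatever
# the domain resolves to, so it does not exercise each backend in IP_list
# individually; only the process and port probes are per-host.
for IP in "${IP_list[@]}"; do
  proc_count=$(as_count "$(ssh "$IP" "$proc_cmd")")
  port_80_count=$(as_count "$(ssh "$IP" "$port_80_cmd")")
  report_sites "$IP " "$proc_count" "$port_80_count"
done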
